Robert Falcone, Author at Unit42

The BumbleBee webshell, conceptually illustrated here, was discovered as part of an investigation of the continued xHunt campaign.

12,686

people reacted

xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement

By Robert Falcone
January 11, 2021 at 12:01 AM

25 min. read

This image represents the concept of ransomware, such as the Egregor ransomware discussed here.

18,119

people reacted

Threat Assessment: Egregor Ransomware

By Doel Santos, Brittany Barbehenn and Robert Falcone
December 8, 2020 at 6:00 PM

5 min. read

A conceptual image illustrating the concept of espionage, including the type of stealthy activity using backdoors that threat researchers observed the xHunt campaign using.

24,702

people reacted

xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control

By Robert Falcone
November 9, 2020 at 12:00 AM

12 min. read

An illustration of the concept of ransomware, including Thanos

32,020

people reacted

Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa

By Robert Falcone
September 4, 2020 at 6:00 AM

13 min. read

The conceptual image illustrates the concept of ransomware.

27,802

people reacted

Threat Assessment: WastedLocker Ransomware Activities

By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone
July 30, 2020 at 6:00 AM

4 min. read

A conceptual illustration showing a world map along with icons representing malware and other tools used by malicious actors

25,734

people reacted

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

By Robert Falcone
July 22, 2020 at 6:00 AM

18 min. read

30,407

people reacted

Updated BackConfig Malware Targeting Government and Military Organizations in South Asia

By Alex Hinchliffe and Robert Falcone
May 11, 2020 at 9:30 PM

16 min. read

29,807

people reacted

APT41 Using New Speculoos Backdoor to Target Organizations Globally

By Bryan Lee, Robert Falcone and Jen Miller-Osborn
April 13, 2020 at 5:45 PM

7 min. read

26,581

people reacted

Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

By Robert Falcone, Bryan Lee and Alex Hinchliffe
March 3, 2020 at 6:00 AM

28 min. read

28,174

people reacted

Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations

By Robert Falcone
February 3, 2020 at 6:00 AM

13 min. read

19,829

people reacted

xHunt Campaign: New Watering Hole Identified for Credential Harvesting

By Brittany Barbehenn and Robert Falcone
January 27, 2020 at 6:00 PM

7 min. read

22,104

people reacted

xHunt Campaign: xHunt Actor’s Cheat Sheet

By Robert Falcone
December 4, 2019 at 8:00 PM

19 min. read

30,931

people reacted

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

By Robert Falcone and Brittany Barbehenn
October 10, 2019 at 5:00 AM

11 min. read

49,614

people reacted

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

By Robert Falcone and Brittany Barbehenn
September 23, 2019 at 6:00 AM

22 min. read

53,350

people reacted

Emissary Panda Attacks Middle East Government SharePoint Servers

By Robert Falcone and Tom Lancaster
May 28, 2019 at 6:00 AM

13 min. read

Posts created by: Robert Falcone

xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement

Threat Assessment: Egregor Ransomware

xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control

Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa

Threat Assessment: WastedLocker Ransomware Activities

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

Updated BackConfig Malware Targeting Government and Military Organizations in South Asia

APT41 Using New Speculoos Backdoor to Target Organizations Globally

Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations

xHunt Campaign: New Watering Hole Identified for Credential Harvesting

xHunt Campaign: xHunt Actor’s Cheat Sheet

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

Emissary Panda Attacks Middle East Government SharePoint Servers

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account